Expose new APIs from crypto and security packages
The APIs can be used by the security provider to provide
the actual implementation in the future.
Bug: 260847206
Test: tests added
Change-Id: Id4eb29901d2baf3c9d83590e19dc1cbba36094da
diff --git a/api/current.txt b/api/current.txt
index eb8fdb3..6cbe7a0 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -7930,6 +7930,37 @@
method public java.util.Map<java.lang.String,java.security.KeyStore.ProtectionParameter> getProtectionParams();
}
+ public class DrbgParameters {
+ method public static java.security.DrbgParameters.Instantiation instantiation(int, java.security.DrbgParameters.Capability, byte[]);
+ method public static java.security.DrbgParameters.NextBytes nextBytes(int, boolean, byte[]);
+ method public static java.security.DrbgParameters.Reseed reseed(boolean, byte[]);
+ }
+
+ public enum DrbgParameters.Capability {
+ method public boolean supportsPredictionResistance();
+ method public boolean supportsReseeding();
+ enum_constant public static final java.security.DrbgParameters.Capability NONE;
+ enum_constant public static final java.security.DrbgParameters.Capability PR_AND_RESEED;
+ enum_constant public static final java.security.DrbgParameters.Capability RESEED_ONLY;
+ }
+
+ public static final class DrbgParameters.Instantiation implements java.security.SecureRandomParameters {
+ method public java.security.DrbgParameters.Capability getCapability();
+ method public byte[] getPersonalizationString();
+ method public int getStrength();
+ }
+
+ public static final class DrbgParameters.NextBytes implements java.security.SecureRandomParameters {
+ method public byte[] getAdditionalInput();
+ method public boolean getPredictionResistance();
+ method public int getStrength();
+ }
+
+ public static final class DrbgParameters.Reseed implements java.security.SecureRandomParameters {
+ method public byte[] getAdditionalInput();
+ method public boolean getPredictionResistance();
+ }
+
public class GeneralSecurityException extends java.lang.Exception {
ctor public GeneralSecurityException();
ctor public GeneralSecurityException(String);
@@ -8413,6 +8444,9 @@
method public void setSeed(byte[]);
}
+ public interface SecureRandomParameters {
+ }
+
public abstract class SecureRandomSpi implements java.io.Serializable {
ctor public SecureRandomSpi();
ctor protected SecureRandomSpi(java.security.SecureRandomParameters);
@@ -9259,6 +9293,14 @@
public interface AlgorithmParameterSpec {
}
+ public final class DSAGenParameterSpec implements java.security.spec.AlgorithmParameterSpec {
+ ctor public DSAGenParameterSpec(int, int);
+ ctor public DSAGenParameterSpec(int, int, int);
+ method public int getPrimePLength();
+ method public int getSeedLength();
+ method public int getSubprimeQLength();
+ }
+
public class DSAParameterSpec implements java.security.spec.AlgorithmParameterSpec java.security.interfaces.DSAParams {
ctor public DSAParameterSpec(java.math.BigInteger, java.math.BigInteger, java.math.BigInteger);
method public java.math.BigInteger getG();
@@ -9333,6 +9375,13 @@
method public java.security.spec.ECPoint getW();
}
+ public class EdDSAParameterSpec implements java.security.spec.AlgorithmParameterSpec {
+ ctor public EdDSAParameterSpec(boolean);
+ ctor public EdDSAParameterSpec(boolean, byte[]);
+ method public java.util.Optional<byte[]> getContext();
+ method public boolean isPrehash();
+ }
+
public final class EdECPoint {
ctor public EdECPoint(boolean, @NonNull java.math.BigInteger);
method @NonNull public java.math.BigInteger getY();
@@ -19000,6 +19049,12 @@
package javax.crypto.spec {
+ public final class ChaCha20ParameterSpec implements java.security.spec.AlgorithmParameterSpec {
+ ctor public ChaCha20ParameterSpec(byte[], int);
+ method public int getCounter();
+ method public byte[] getNonce();
+ }
+
public class DESKeySpec implements java.security.spec.KeySpec {
ctor public DESKeySpec(byte[]) throws java.security.InvalidKeyException;
ctor public DESKeySpec(byte[], int) throws java.security.InvalidKeyException;
@@ -19680,6 +19735,16 @@
field public static final String RFC2253 = "RFC2253";
}
+ public final class X500PrivateCredential implements javax.security.auth.Destroyable {
+ ctor public X500PrivateCredential(java.security.cert.X509Certificate, java.security.PrivateKey);
+ ctor public X500PrivateCredential(java.security.cert.X509Certificate, java.security.PrivateKey, String);
+ method public void destroy();
+ method public String getAlias();
+ method public java.security.cert.X509Certificate getCertificate();
+ method public java.security.PrivateKey getPrivateKey();
+ method public boolean isDestroyed();
+ }
+
}
package javax.security.cert {
diff --git a/luni/src/test/java/libcore/java/security/DrbgParametersTest.java b/luni/src/test/java/libcore/java/security/DrbgParametersTest.java
new file mode 100644
index 0000000..6104f4b
--- /dev/null
+++ b/luni/src/test/java/libcore/java/security/DrbgParametersTest.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package libcore.java.security;
+
+import static org.junit.Assert.*;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+import java.security.DrbgParameters;
+import java.security.DrbgParameters.Capability;
+import java.security.DrbgParameters.Instantiation;
+
+@RunWith(JUnit4.class)
+public class DrbgParametersTest {
+
+ @Test
+ public void testInstantiation() {
+ int strength = 1;
+ Capability capability = Capability.PR_AND_RESEED;
+ byte[] personalizationString = new byte[] {'b', 'y', 'e'};
+ Instantiation instantiation = DrbgParameters.instantiation(strength, capability,
+ personalizationString);
+ assertArrayEquals(personalizationString, instantiation.getPersonalizationString());
+ assertEquals(capability, instantiation.getCapability());
+ assertEquals(strength, instantiation.getStrength());
+ }
+
+ @Test
+ public void testNextBytes_withValidValues() {
+ byte[] additionalInput = new byte[] { 0x00, 0x01, 0x02 };
+ DrbgParameters.NextBytes nextBytes =
+ DrbgParameters.nextBytes(1234567890, true, additionalInput);
+ assertEquals(1234567890, nextBytes.getStrength());
+ assertTrue(nextBytes.getPredictionResistance());
+ assertArrayEquals(additionalInput, nextBytes.getAdditionalInput());
+ }
+
+ @Test
+ public void testNextBytes_withNegativeStrength() {
+ assertThrows(IllegalArgumentException.class, () ->
+ DrbgParameters.nextBytes(-2, true, null));
+ }
+
+ @Test
+ public void testNextBytes_withNullAdditionalInput() {
+ DrbgParameters.NextBytes nextBytes =
+ DrbgParameters.nextBytes(1234567890, true, null);
+ assertEquals(null, nextBytes.getAdditionalInput());
+ }
+
+ @Test
+ public void testReseed_withValidValues() {
+ byte[] additionalInput = new byte[] { 0x00, 0x01, 0x02 };
+ DrbgParameters.Reseed reseed =
+ DrbgParameters.reseed(true, additionalInput);
+ assertTrue(reseed.getPredictionResistance());
+ assertArrayEquals(additionalInput, reseed.getAdditionalInput());
+ }
+
+ @Test
+ public void testReseed_withNullAdditionalInput() {
+ DrbgParameters.Reseed reseed = DrbgParameters.reseed(true, null);
+ assertEquals(null, reseed.getAdditionalInput());
+ }
+
+}
diff --git a/luni/src/test/java/libcore/java/security/spec/DSAGenParameterSpecTest.java b/luni/src/test/java/libcore/java/security/spec/DSAGenParameterSpecTest.java
new file mode 100644
index 0000000..f968f80
--- /dev/null
+++ b/luni/src/test/java/libcore/java/security/spec/DSAGenParameterSpecTest.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package libcore.java.security.spec;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertThrows;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+import java.security.spec.DSAGenParameterSpec;
+
+@RunWith(JUnit4.class)
+public class DSAGenParameterSpecTest {
+
+ @Test
+ public void testGetters() {
+ // 1024-bit prime P, 160-bit sub-prime Q, 160-bit seed
+ DSAGenParameterSpec dsaParams1 = new DSAGenParameterSpec(1024, 160);
+ assertEquals(1024, dsaParams1.getPrimePLength());
+ assertEquals(160, dsaParams1.getSubprimeQLength());
+ assertEquals(160, dsaParams1.getSeedLength());
+
+ // 2048-bit prime P, 224-bit sub-prime Q, 224-bit seed
+ DSAGenParameterSpec dsaParams2 = new DSAGenParameterSpec(2048, 224, 256);
+ assertEquals(2048, dsaParams2.getPrimePLength());
+ assertEquals(224, dsaParams2.getSubprimeQLength());
+ assertEquals(256, dsaParams2.getSeedLength());
+
+ // 2048-bit prime P, 256-bit sub-prime Q, 256-bit seed
+ DSAGenParameterSpec dsaParams3 = new DSAGenParameterSpec(2048, 256);
+ assertEquals(2048, dsaParams3.getPrimePLength());
+ assertEquals(256, dsaParams3.getSubprimeQLength());
+ assertEquals(256, dsaParams3.getSeedLength());
+
+ // 3072-bit prime P, 256-bit sub-prime Q, 256-bit seed
+ DSAGenParameterSpec dsaParams4 = new DSAGenParameterSpec(3072, 256);
+ assertEquals(3072, dsaParams4.getPrimePLength());
+ assertEquals(256, dsaParams4.getSubprimeQLength());
+ assertEquals(256, dsaParams4.getSeedLength());
+
+ // 1024-bit prime P, 256-bit sub-prime Q, 256-bit seed (not allowed)
+ assertThrows(
+ IllegalArgumentException.class,
+ () -> new DSAGenParameterSpec(1024, 256));
+
+ // 2048-bit prime P, 160-bit sub-prime Q, 224-bit seed (not allowed)
+ assertThrows(
+ IllegalArgumentException.class,
+ () -> new DSAGenParameterSpec(2048, 160, 224));
+ }
+}
diff --git a/luni/src/test/java/libcore/java/security/spec/EdDSAParameterSpecTest.java b/luni/src/test/java/libcore/java/security/spec/EdDSAParameterSpecTest.java
new file mode 100644
index 0000000..5021523
--- /dev/null
+++ b/luni/src/test/java/libcore/java/security/spec/EdDSAParameterSpecTest.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package libcore.java.security.spec;
+
+import static org.junit.Assert.assertArrayEquals;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+import java.security.InvalidParameterException;
+import java.security.spec.EdDSAParameterSpec;
+import java.util.Optional;
+
+@RunWith(JUnit4.class)
+public class EdDSAParameterSpecTest {
+
+ @Test
+ public void testIsPrehash() {
+ EdDSAParameterSpec spec = new EdDSAParameterSpec(true);
+ assertTrue(spec.isPrehash());
+ assertEquals(Optional.empty(), spec.getContext());
+ }
+
+ @Test
+ public void testGetContext() {
+ byte[] context = new byte[] { 1, 2, 3 };
+ EdDSAParameterSpec spec = new EdDSAParameterSpec(false, context);
+ assertFalse(spec.isPrehash());
+ assertArrayEquals(context, spec.getContext().get());
+ }
+
+ @Test
+ public void testEdDSAParameterSpec_nullContext() {
+ assertThrows(NullPointerException.class, () -> new EdDSAParameterSpec(false, null));
+ }
+
+ @Test
+ public void testEdDSAParameterSpec_contextTooLarge() {
+ byte[] context = new byte[256];
+ assertThrows(InvalidParameterException.class, () -> new EdDSAParameterSpec(false, context));
+ }
+}
diff --git a/luni/src/test/java/libcore/javax/crypto/spec/ChaCha20ParameterSpecTest.java b/luni/src/test/java/libcore/javax/crypto/spec/ChaCha20ParameterSpecTest.java
new file mode 100644
index 0000000..185a722
--- /dev/null
+++ b/luni/src/test/java/libcore/javax/crypto/spec/ChaCha20ParameterSpecTest.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package libcore.javax.crypto.spec;
+
+import static org.junit.Assert.assertArrayEquals;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertThrows;
+
+import javax.crypto.spec.ChaCha20ParameterSpec;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+/**
+ * Unit tests for {@link ChaCha20ParameterSpec}.
+ */
+@RunWith(JUnit4.class)
+public class ChaCha20ParameterSpecTest {
+
+ @Test
+ public void constructor_withValidValues() {
+ byte[] nonce = new byte[] {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b
+ };
+ int counter = 1234567890;
+ ChaCha20ParameterSpec spec = new ChaCha20ParameterSpec(nonce, counter);
+
+ assertEquals(counter, spec.getCounter());
+ assertArrayEquals(nonce, spec.getNonce());
+ }
+
+ @Test
+ public void constructor_withNullNonce() {
+ assertThrows(NullPointerException.class, () -> new ChaCha20ParameterSpec(null, 1234567890));
+ }
+
+ @Test
+ public void constructor_withNonceTooShort() {
+ byte[] nonce = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
+ assertThrows(IllegalArgumentException.class, () -> new ChaCha20ParameterSpec(nonce,
+ 1234567890));
+ }
+}
\ No newline at end of file
diff --git a/luni/src/test/java/libcore/javax/security/auth/X500PrivateCredentialTest.java b/luni/src/test/java/libcore/javax/security/auth/X500PrivateCredentialTest.java
new file mode 100644
index 0000000..140d145
--- /dev/null
+++ b/luni/src/test/java/libcore/javax/security/auth/X500PrivateCredentialTest.java
@@ -0,0 +1,145 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package libcore.javax.security.auth;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+import java.io.ByteArrayInputStream;
+import java.math.BigInteger;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+
+import javax.crypto.spec.DHParameterSpec;
+import javax.security.auth.x500.X500PrivateCredential;
+
+@RunWith(JUnit4.class)
+public class X500PrivateCredentialTest {
+
+ @Test
+ public void testX500PrivateCredential_nullArgs() throws Exception {
+ assertThrows(IllegalArgumentException.class, () -> new X500PrivateCredential(null, null));
+ PrivateKey key = createPrivateKey();
+ assertThrows(IllegalArgumentException.class, () -> new X500PrivateCredential(null, key));
+ X509Certificate cert = createCertificate();
+ assertThrows(IllegalArgumentException.class, () -> new X500PrivateCredential(
+ cert, null));
+ }
+
+ @Test
+ public void testX500PrivateCredential_validArgs() throws Exception {
+ PrivateKey key = createPrivateKey();
+ X509Certificate cert = createCertificate();
+ X500PrivateCredential x500Cred = new X500PrivateCredential(cert, key);
+ assertEquals(cert, x500Cred.getCertificate());
+ assertEquals(key, x500Cred.getPrivateKey());
+ assertNull(x500Cred.getAlias());
+
+ String alias = "alias";
+ x500Cred = new X500PrivateCredential(cert, key, alias);
+ assertEquals(cert, x500Cred.getCertificate());
+ assertEquals(key, x500Cred.getPrivateKey());
+ assertEquals(alias, x500Cred.getAlias());
+
+ x500Cred.destroy();
+ assertTrue(x500Cred.isDestroyed());
+ }
+
+ private static X509Certificate createCertificate() throws CertificateException {
+ CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
+ Certificate certificate = certificateFactory.generateCertificate(
+ new ByteArrayInputStream(encodedCertificate.getBytes()));
+
+ return (X509Certificate) certificate;
+ }
+
+ private static final String encodedCertificate =
+ "-----BEGIN CERTIFICATE-----\n"
+ + "MIID0jCCAzugAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBmjELMAkGA1UEBhMCVUsx\n"
+ + "EjAQBgNVBAgTCUhhbXBzaGlyZTETMBEGA1UEBxMKV2luY2hlc3RlcjETMBEGA1UE\n"
+ + "ChMKSUJNIFVLIEx0ZDEMMAoGA1UECxMDSlRDMRYwFAYDVQQDEw1QYXVsIEggQWJi\n"
+ + "b3R0MScwJQYJKoZIhvcNAQkBFhhQYXVsX0hfQWJib3R0QHVrLmlibS5jb20wHhcN\n"
+ + "MDQwNjIyMjA1MDU1WhcNMDUwNjIyMjA1MDU1WjCBmDELMAkGA1UEBhMCVUsxEjAQ\n"
+ + "BgNVBAgTCUhhbXBzaGlyZTETMBEGA1UEBxMKV2luY2hlc3RlcjETMBEGA1UEChMK\n"
+ + "SUJNIFVrIEx0ZDEMMAoGA1UECxMDSkVUMRQwEgYDVQQDEwtQYXVsIEFiYm90dDEn\n"
+ + "MCUGCSqGSIb3DQEJARYYUGF1bF9IX0FiYm90dEB1ay5pYm0uY29tMIGfMA0GCSqG\n"
+ + "SIb3DQEBAQUAA4GNADCBiQKBgQDitZBQ5d18ecNJpcnuKTraHYtqsAugoc95/L5Q\n"
+ + "28s3t1QAu2505qQR1MZaAkY7tDNyl1vPnZoym+Y06UswTrZoVYo/gPNeyWPMTsLA\n"
+ + "wzQvk5/6yhtE9ciH7B0SqYw6uSiDTbUY/zQ6qed+TsQhjlbn3PUHRjnI2P8A04cg\n"
+ + "LgYYGQIDAQABo4IBJjCCASIwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl\n"
+ + "blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFPplRPs65hUfxUBs\n"
+ + "6/Taq7nN8i1UMIHHBgNVHSMEgb8wgbyAFJOMtPAwlXdZLqE7DKU6xpL6FjFtoYGg\n"
+ + "pIGdMIGaMQswCQYDVQQGEwJVSzESMBAGA1UECBMJSGFtcHNoaXJlMRMwEQYDVQQH\n"
+ + "EwpXaW5jaGVzdGVyMRMwEQYDVQQKEwpJQk0gVUsgTHRkMQwwCgYDVQQLEwNKVEMx\n"
+ + "FjAUBgNVBAMTDVBhdWwgSCBBYmJvdHQxJzAlBgkqhkiG9w0BCQEWGFBhdWxfSF9B\n"
+ + "YmJvdHRAdWsuaWJtLmNvbYIBADANBgkqhkiG9w0BAQQFAAOBgQAnQ22Jw2HUrz7c\n"
+ + "VaOap31mTikuQ/CQxpwPYiSyTJ4s99eEzn+2yAk9tIDIJpqoay/fj+OLgPUQKIAo\n"
+ + "XpRVvmHlGE7UqMKebZtSZJQzs6VoeeKFhgHmqg8eVC2AsTc4ZswJmg4wCui5AH3a\n"
+ + "oqG7PIM3LxZqXYQlZiPSZ6kCpDOWVg==\n"
+ + "-----END CERTIFICATE-----\n";
+ private static PrivateKey createPrivateKey()
+ throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH");
+ kpg.initialize(new DHParameterSpec(DH_PARAMS_P, DH_PARAMS_G));
+ PrivateKey key = kpg.generateKeyPair().getPrivate();
+ assertNotNull(key);
+ return key;
+
+ }
+
+ // Generated with: openssl dhparam -C 1024
+ private static final BigInteger DH_PARAMS_P = new BigInteger(1, new byte[] {
+ (byte) 0xA2, (byte) 0x31, (byte) 0xB4, (byte) 0xB3, (byte) 0x6D, (byte) 0x9B,
+ (byte) 0x7E, (byte) 0xF4, (byte) 0xE7, (byte) 0x21, (byte) 0x51, (byte) 0x40,
+ (byte) 0xEB, (byte) 0xC6, (byte) 0xB6, (byte) 0xD6, (byte) 0x54, (byte) 0x56,
+ (byte) 0x72, (byte) 0xBE, (byte) 0x43, (byte) 0x18, (byte) 0x30, (byte) 0x5C,
+ (byte) 0x15, (byte) 0x5A, (byte) 0xF9, (byte) 0x19, (byte) 0x62, (byte) 0xAD,
+ (byte) 0xF4, (byte) 0x29, (byte) 0xCB, (byte) 0xC6, (byte) 0xF6, (byte) 0x64,
+ (byte) 0x0B, (byte) 0x9D, (byte) 0x23, (byte) 0x80, (byte) 0xF9, (byte) 0x5B,
+ (byte) 0x1C, (byte) 0x1C, (byte) 0x6A, (byte) 0xB4, (byte) 0xEA, (byte) 0xB9,
+ (byte) 0x80, (byte) 0x98, (byte) 0x8B, (byte) 0xAF, (byte) 0x15, (byte) 0xA8,
+ (byte) 0x5C, (byte) 0xC4, (byte) 0xB0, (byte) 0x41, (byte) 0x29, (byte) 0x66,
+ (byte) 0x9F, (byte) 0x9F, (byte) 0x1F, (byte) 0x88, (byte) 0x50, (byte) 0x97,
+ (byte) 0x38, (byte) 0x0B, (byte) 0x01, (byte) 0x16, (byte) 0xD6, (byte) 0x84,
+ (byte) 0x1D, (byte) 0x48, (byte) 0x6F, (byte) 0x7C, (byte) 0x06, (byte) 0x8C,
+ (byte) 0x6E, (byte) 0x68, (byte) 0xCD, (byte) 0x38, (byte) 0xE6, (byte) 0x22,
+ (byte) 0x30, (byte) 0x61, (byte) 0x37, (byte) 0x02, (byte) 0x3D, (byte) 0x47,
+ (byte) 0x62, (byte) 0xCE, (byte) 0xB9, (byte) 0x1A, (byte) 0x69, (byte) 0x9D,
+ (byte) 0xA1, (byte) 0x9F, (byte) 0x10, (byte) 0xA1, (byte) 0xAA, (byte) 0x70,
+ (byte) 0xF7, (byte) 0x27, (byte) 0x9C, (byte) 0xD4, (byte) 0xA5, (byte) 0x15,
+ (byte) 0xE2, (byte) 0x15, (byte) 0x0C, (byte) 0x20, (byte) 0x90, (byte) 0x08,
+ (byte) 0xB6, (byte) 0xF5, (byte) 0xDF, (byte) 0x1C, (byte) 0xCB, (byte) 0x82,
+ (byte) 0x6D, (byte) 0xC0, (byte) 0xE1, (byte) 0xBD, (byte) 0xCC, (byte) 0x4A,
+ (byte) 0x76, (byte) 0xE3,
+ });
+
+ // generator of 2
+ private static final BigInteger DH_PARAMS_G = BigInteger.valueOf(2);
+}
diff --git a/openjdk_java_files.bp b/openjdk_java_files.bp
index 36e420c..6a2a8ae 100644
--- a/openjdk_java_files.bp
+++ b/openjdk_java_files.bp
@@ -626,6 +626,7 @@
"ojluni/src/main/java/java/security/DigestOutputStream.java",
"ojluni/src/main/java/java/security/DomainCombiner.java",
"ojluni/src/main/java/java/security/DomainLoadStoreParameter.java",
+ "ojluni/src/main/java/java/security/DrbgParameters.java",
"ojluni/src/main/java/java/security/GeneralSecurityException.java",
"ojluni/src/main/java/java/security/GuardedObject.java",
"ojluni/src/main/java/java/security/Guard.java",
@@ -687,6 +688,7 @@
"ojluni/src/main/java/java/security/PublicKey.java",
"ojluni/src/main/java/java/security/SecureClassLoader.java",
"ojluni/src/main/java/java/security/SecureRandom.java",
+ "ojluni/src/main/java/java/security/SecureRandomParameters.java",
"ojluni/src/main/java/java/security/SecureRandomSpi.java",
"ojluni/src/main/java/java/security/Security.java",
"ojluni/src/main/java/java/security/SecurityPermission.java",
@@ -696,6 +698,7 @@
"ojluni/src/main/java/java/security/SignedObject.java",
"ojluni/src/main/java/java/security/Signer.java",
"ojluni/src/main/java/java/security/spec/AlgorithmParameterSpec.java",
+ "ojluni/src/main/java/java/security/spec/DSAGenParameterSpec.java",
"ojluni/src/main/java/java/security/spec/DSAParameterSpec.java",
"ojluni/src/main/java/java/security/spec/DSAPrivateKeySpec.java",
"ojluni/src/main/java/java/security/spec/DSAPublicKeySpec.java",
@@ -707,6 +710,7 @@
"ojluni/src/main/java/java/security/spec/ECPoint.java",
"ojluni/src/main/java/java/security/spec/ECPrivateKeySpec.java",
"ojluni/src/main/java/java/security/spec/ECPublicKeySpec.java",
+ "ojluni/src/main/java/java/security/spec/EdDSAParameterSpec.java",
"ojluni/src/main/java/java/security/spec/EdECPoint.java",
"ojluni/src/main/java/java/security/spec/EdECPrivateKeySpec.java",
"ojluni/src/main/java/java/security/spec/EdECPublicKeySpec.java",
@@ -1305,6 +1309,7 @@
"ojluni/src/main/java/javax/crypto/SecretKeyFactorySpi.java",
"ojluni/src/main/java/javax/crypto/SecretKey.java",
"ojluni/src/main/java/javax/crypto/ShortBufferException.java",
+ "ojluni/src/main/java/javax/crypto/spec/ChaCha20ParameterSpec.java",
"ojluni/src/main/java/javax/crypto/spec/DESedeKeySpec.java",
"ojluni/src/main/java/javax/crypto/spec/DESKeySpec.java",
"ojluni/src/main/java/javax/crypto/spec/DHGenParameterSpec.java",
@@ -1377,6 +1382,7 @@
"ojluni/src/main/java/javax/security/auth/SubjectDomainCombiner.java",
"ojluni/src/main/java/javax/security/auth/Subject.java",
"ojluni/src/main/java/javax/security/auth/x500/X500Principal.java",
+ "ojluni/src/main/java/javax/security/auth/x500/X500PrivateCredential.java",
"ojluni/src/main/java/javax/security/auth/x500/package-info.java",
"ojluni/src/main/java/javax/security/auth/package-info.java",
"ojluni/src/main/java/javax/security/cert/CertificateEncodingException.java",
@@ -1513,18 +1519,12 @@
"ojluni/src/main/java/java/lang/constant/PrimitiveClassDescImpl.java",
"ojluni/src/main/java/java/lang/constant/ReferenceClassDescImpl.java",
"ojluni/src/main/java/java/lang/constant/package-info.java",
- "ojluni/src/main/java/java/security/DrbgParameters.java",
- "ojluni/src/main/java/java/security/SecureRandomParameters.java",
- "ojluni/src/main/java/java/security/spec/DSAGenParameterSpec.java",
- "ojluni/src/main/java/java/security/spec/EdDSAParameterSpec.java",
"ojluni/src/main/java/java/time/zone/IcuZoneRulesProvider.java",
"ojluni/src/main/java/java/time/zone/ZoneRulesProvider.java",
"ojluni/src/main/java/java/util/ImmutableCollections.java",
"ojluni/src/main/java/java/util/LocaleISOData.java",
"ojluni/src/main/java/java/util/KeyValueHolder.java",
"ojluni/src/main/java/java/util/JapaneseImperialCalendar.java",
- "ojluni/src/main/java/javax/crypto/spec/ChaCha20ParameterSpec.java",
- "ojluni/src/main/java/javax/security/auth/x500/X500PrivateCredential.java",
"ojluni/src/main/java/jdk/net/ExtendedSocketOptions.java",
"ojluni/src/main/java/jdk/net/NetworkPermission.java",
"ojluni/src/main/java/jdk/net/SocketFlow.java",